-
Notifications
You must be signed in to change notification settings - Fork 96
Bassem Helmy
Ch33r10 edited this page Dec 28, 2021
·
2 revisions
Bassem Helmy Enterprise Purple Teaming Professional Interview
6/20/21
Cyber security strategies cover a different set of capabilities distributed on a maturity scale from initial level (1), repeatable (2), defined (3), managed (4) to optimized (5). Each capability depends on three major aspects: people, process, and technology. Purple teaming is one of those capabilities that requires the organization to be at least be in defined level (3). Defined level means that the organization understands the business crown jewels and what needs to be protected in order to maintain business objectives. Additionally, the operating model of the organization defines which capabilities on each maturity level can be fully owned and operated by the organization or to offload it to a third party for multiple reasons (cost reduction, transfer risk). For organizations relying on SOCMSSP, they might not be interested in performing purple teaming activities or building the capability as they don’t own the capability and it is not under their accountability.